Microsoft is altering the way you ship managed functions to person desktops. It’s time to rethink the way you’re doing it.
Microsoft is within the course of of fixing how companies use the Microsoft Retailer, because it brings its Bundle Supervisor tooling into Endpoint Supervisor, deprecating the present Microsoft Retailer for Enterprise service. This implies it’ll not be potential to make use of the Microsoft Retailer to purchase utility licenses, although you’ll nonetheless have the ability to obtain free and individually licensed functions.
A part of the answer comes with adjustments to how Microsoft monetizes its retailer, together with massive adjustments in the way it matches into the Home windows ecosystem. This permits distributors to supply their very own licensing and fee frameworks outdoors of the Home windows Retailer, and even to make use of their very own obtain services. The place you used to have to purchase and deploy instruments like Adobe’s Inventive Cloud immediately from Adobe, now you can let customers obtain the Inventive Cloud utility from the shop and use assigned licenses to ship functions to their PCs.
SEE: Ethics coverage: Vendor relationships (TechRepublic Premium)
This manner you’ll be able to preserve a separate contractual relationship with corporations, assigning enterprise subscriptions to customers’ e-mail addresses. The shop is barely an preliminary gateway – all downloads really come from their very own servers or hosted repositories.
Some companies used the Retailer for Enterprise to deploy options just like the Home windows HEVC codecs to their customers. Whereas pay-for functions like this gained’t be out there by means of the brand new Retailer providers, customers who’re working an up-to-date Home windows set up gained’t want to put in many of those apps, as they’re now options in present Home windows releases.
Supply by way of winget
One attention-grabbing facet of the transition is the choice of utilizing winget with non-public repositories, both working your personal or working with hosted providers like Winget Professional. This method avoids Microsoft’s restrictions on internet hosting paid functions. After you have licensed installers, you’ll be able to retailer them in a winget repository, utilizing scripts to deploy the functions to customers. You will want to supply your personal auditing although, making certain that you’ve got the best variety of licenses for deployed functions.
These non-public winget repositories don’t should be yours. It’s straightforward to see software program distributors providing their very own, and offering winget scripts to be used in your networks. Right here Endpoint Supervisor turns into the tooling for subscribing to those repositories, and for delivering obtain scripts to customers based mostly on their Azure Energetic Listing memberships.
Scripting winget
Scripting winget is comparatively easy. Microsoft supplies examples of each batch scripts and PowerShell, so you’ll be able to present start-up actions that preserve person functions updated. Alternatively, distant PowerShell actions can deal with updates and installs, utilizing silent installs to attenuate person disruption. How winget installs functions is dependent upon the installer sort, so you could must repackage an installer to get the choices you want.
It’s vital to check winget scripts earlier than you run them. It is going to run installs in sequence, launching one when the earlier finishes; nonetheless, some installers launch secondary processes, having a grasp installer that runs different installers so as to add modules. This could trigger winget to launch the subsequent installer earlier than one has completed. Use winget’s logs to know how installs run and, if obligatory, you’ll be able to add timeouts between installs to keep away from any potential clashes.
The street to fashionable administration instruments
Through the use of Endpoint Supervisor to regulate entry to private and non-private repositories, you’re transferring into utilizing fashionable administration instruments. Azure Energetic Listing turns into the supply of information about customers, offering role-based entry to repositories and to the scripts used to ship functions. Now you can make sure who has put in an utility, who’s updated and who is definitely utilizing it. This method simplifies holding your community safe and understanding if you happen to’re appropriately licensed. With over-licensing as a lot of an issue as under-licensing, there’s the prospect of serious financial savings with the transition to a extra managed software program distribution mannequin.
Intune customers can then discover revealed functions by means of the Firm Portal, permitting them to put in on their very own. Admins can deal with it as a extra user-friendly model of the Configuration Supervisor Software program Middle.
If you happen to’re utilizing the Microsoft Retailer for Enterprise, it’s time to start out planning your transition to this new winget-powered world. Microsoft will first launch its personal repository, which will likely be a mirror of the Microsoft Retailer, supplying you with entry to all of the apps out there to Home windows customers. Non-public repositories will comply with in 2023, supplying you with time to think about if you want to repackage functions.
How adjustments to the Microsoft Retailer imply adjustments to Autopilot
The adjustments will have an effect on how you employ Autopilot to configure new {hardware} remotely. Because it’s at present constructed round utilizing the Microsoft Retailer for Enterprise to host deployment profiles, you’ll want to vary to considered one of two choices: Intune or the Microsoft 365 Admin Middle. Autopilot profiles might be registered and managed utilizing each instruments, although you’ll have to manually migrate them from the Microsoft Retailer. If you happen to’re working with an OEM to register new gadgets with Autopilot, you have to to offer them a hyperlink to the brand new location for the mandatory consent type, which will likely be out there within the Microsoft 365 Admin Middle.
The brand new Endpoint Supervisor/Microsoft Retailer integration is at present in non-public preview, with a wider public preview due quickly. This will likely be out there inside current Endpoint Supervisor situations, marked as preview, permitting you to start out experimenting. Microsoft is making an enormous change right here that impacts the way you each deploy new gadgets and handle functions, so you need to begin work on migrating to the brand new service as quickly as potential to keep away from any lapses in service that might have an effect on delivering safety updates to your customers.
It’s clear from studying feedback to Microsoft’s weblog posts on the topic that the most important challenge for a lot of admins is transferring to Intune as their essential administration platform. At present’s Intune is now a mature administration platform that gives a lighter weight method to administration utilizing MDM tooling relatively than group insurance policies, an method that’s extra person pleasant and reduces go browsing occasions. It might take a while emigrate insurance policies to a brand new platform, transferring teams of customers throughout when you’ve configured and examined related insurance policies.
Placing all of the items collectively gained’t be as laborious because it appears to be like at first. The instruments could also be totally different, however the underlying philosophy hasn’t modified. If something, the addition of personal repositories and winget help ought to imply a way more versatile platform for managing the software program deployed to your fleet of PCs.
